Documentation

fortios_address - Manage fortios firewall address objects

New in version 2.4.

Synopsis

  • This module provide management of firewall addresses on FortiOS devices.

Parameters

Parameter Choices/Defaults Comments
backup
bool
    Choices:
  • no ←
  • yes
This argument will cause the module to create a backup of the current running-config from the remote device before any changes are made. The backup file is written to the i(backup) folder.
backup_filename
Specifies the backup filename. If omitted filename will be formatted like HOST_config.YYYY-MM-DD@HH:MM:SS
backup_path
Specifies where to store backup files. Required if backup=yes.
comment
free text to describe address.
config_file
(added in 2.4)
Path to configuration file. Required when file_mode is True.
country
2 letter country code (like FR).
end_ip
Last ip in range (used only with type=iprange).
file_mode
bool

(added in 2.4)
    Choices:
  • no ←
  • yes
Don't connect to any device, only use config_file as input and Output.
host
Specifies the DNS hostname or IP address for connecting to the remote fortios device. Required when file_mode is False.
interface Default:
any
interface name the address apply to.
name
required
Name of the address to add or delete.
password
Specifies the password used to authenticate to the remote device. Required when file_mode is True.
start_ip
First ip in range (used only with type=iprange).
state
required
    Choices:
  • present
  • absent
Specifies if address need to be added or deleted.
timeout Default:
60
Timeout in seconds for connecting to the remote device.
type
    Choices:
  • iprange
  • fqdn
  • ipmask
  • geography
Type of the address.
username
Configures the username used to authenticate to the remote device. Required when file_mode is True.
value
Address value, based on type. If type=fqdn, somthing like www.google.com. If type=ipmask, you can use simple ip (192.168.0.1), ip+mask (192.168.0.1 255.255.255.0) or CIDR (192.168.0.1/32).
vdom
Specifies on which vdom to apply configuration

Notes

Note

  • This module requires netaddr python library.

Examples

- name: Register french addresses
  fortios_address:
    host: 192.168.0.254
    username: admin
    password: p4ssw0rd
    state: present
    name: "fromfrance"
    type: geography
    country: FR
    comment: "French geoip address"

- name: Register some fqdn
  fortios_address:
    host: 192.168.0.254
    username: admin
    password: p4ssw0rd
    state: present
    name: "Ansible"
    type: fqdn
    value: www.ansible.com
    comment: "Ansible website"

- name: Register google DNS
  fortios_address:
    host: 192.168.0.254
    username: admin
    password: p4ssw0rd
    state: present
    name: "google_dns"
    type: ipmask
    value: 8.8.8.8

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
change_string
string
 only if config changed
The commands executed by the module.
firewall_address_config
string
 always
full firewall adresses config string.


Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Author

  • Benjamin Jolivot (@bjolivot)

Hint

If you notice any issues in this documentation you can edit this document to improve it.